Author Topic: Virus Win32:Malware-Gen, How can i get rid of it?????  (Read 23606 times)

Offline oldman

  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4142
  • Some days..... MOS...this bug's for you
Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #15 on: November 17, 2009, 02:40:59 AM »
Hi

Ok, that explains what happened to some of those entries I had in the CFScript.

Let's see if anything is left.



*Note
It is recommended to disable your onboard antivirus and antispyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your antispyware programs.



Please go to Kaspersky website and perform an online antivirus scan.
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions.
  • You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
    • Mail databases
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Change the Files of type to Text file (.txt)
  • Set the Save In to Desktop
  • Click the Save button.
  • Please post this log in your next reply.
« Last Edit: November 17, 2009, 02:47:20 AM by oldman »

domdom63

  • Guest
Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #16 on: November 17, 2009, 11:02:40 PM »
Thanks for waiting ... I ran the scan last night, and there was an electric shortage when it was about to finish, LOL. So, I have to run it again this morning.
BTW, here is the file
... And... Uhm, do I have to uninstall combofix, now?

rodg

  • Guest
Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #17 on: November 18, 2009, 10:24:31 AM »
I have the same problem with my ISP installation software... so I deleted it, re-downloaded it to my desktop and verified it, and it still shows as a Virus Win32:Malware-gen!
I am not PC literate but need to connect. Is it dangerous for me to log on with this file? Remember, I cannot do so without it!
Thanks for any help here.

domdom63

  • Guest
Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #18 on: November 18, 2009, 11:25:17 PM »
Mr. Oldman please help me :'(

Thank you

Offline oldman

Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #19 on: November 19, 2009, 05:03:58 AM »
Hi domdom63,

My apologies, I missed your post. We will remove combofix shortly.

One bad detection, the other 2 are in restore points and will be removed when we remove combofix.

Please follow all previous instructions regarding security programs.

Open a new Notepad session
  • Click the Start button, click run
  • in the run box type notepad
  • click ok
  • In the notepad, Click "Format" and be certain that Word Wrap is not checked.

  • Copy and paste all the text in the code box below into the Notepad. Do Not copy the word CODE
Code: [Select]
File::
C:\WINDOWS\tepie\install.48143.exe

Dirlook::
C:\WINDOWS\tepie


In the notepad
  • Click File, Save as..., and set the Save in to your Desktop
  • In the filename box, type (including quotation marks) as the filename: "CFScript.txt"
  • Click save
Using your mouse left button, drag the new file CFscript.txt and drop it on the ComboFix.exe icon as shown below.

This will start ComboFix again. Close all browser/windows first.

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**



Please post back with the combofix log.

Thanks

domdom63

  • Guest
Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #20 on: November 19, 2009, 09:16:19 PM »
Hi Mr. Oldman

I've done what you asked me to do, but it automatically rebooted after it was done. And I don't see any combofix.log. Maybe it is this one I found in windows\temp (T30DebugLogFile.txt), but there is nothing in there (0 KB).

Offline oldman

Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #21 on: November 20, 2009, 07:17:02 AM »
Hi

The log should be at C:\Combofix.txt

If you can't find the log there we will use another tool to have a look at that folder.

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield
  • Do not copy the word CODE. Please note the script starts with the :
Code: [Select]
:file
C:\WINDOWS\tepie\install.48143.exe
:dir
C:\WINDOWS\tepie
  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

Please post the combofix log if you found it or the SystemLook log.

Thanks

domdom63

  • Guest
Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #22 on: November 20, 2009, 06:05:22 PM »
Thanks for the reply, Mr. Oldman

Yes, I believe that I found combofix.txt in c:\comboFix

Offline oldman

Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #23 on: November 21, 2009, 03:08:51 AM »
Hi domdom63,

Combofix doesn't seem to have completed. Let's try again with a new copy.

Please delete the copy you have and download a new one. Don't run it, we run it with a command.

Download a new copy from one of these links and save it directly to your desktop.

It must be on your desktop, not in a folder on your desktop.

Link 1
Link 2

Please follow all previous instructions regarding security programs.

Don't be alarmed if your desktop disappears during the fix. It will reappear. Don't mouse click or do anything else while the tool is running.

Open a new Notepad session
  • Click the Start button, click run
  • in the run box type notepad
  • click ok
  • In the notepad, Click "Format" and be certain that Word Wrap is not checked.

  • Copy and paste all the text in the code box below into the Notepad. Do Not copy the word CODE
Code: [Select]
KillAll::

File::
C:\WINDOWS\tepie\install.48143.exe

Folder::
C:\WINDOWS\tepie



In the notepad
  • Click File, Save as..., and set the Save in to your Desktop
  • In the filename box, type (including quotation marks) as the filename: "CFScript.txt"
  • Click save
Next, click your start button, click run.

In the run box, copy and paste the following bolded line (it's one long line), then click OK.

"%userprofile%\desktop\combofix.exe" "%userprofile%\desktop\combofix.exe\CFScript.txt"

Please post back with the combofix log.




« Last Edit: November 21, 2009, 03:10:43 AM by oldman »

domdom63

  • Guest
Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #24 on: November 21, 2009, 04:45:35 AM »
Mr. Oldman,

I've tried that but, when I enter
"%userprofile%\desktop\combofix.exe" "%userprofile%\desktop\combofix.exe\CFScript.txt"
The comboFix.exe started
After a few minutes I got this message

ERROR - Script format is incorrect
Rich Text Formats (RTF) are unacceptable !!
Please save CFScript commands as a textfile, using notepad.exe

... But I did exactly what you told me to do

Offline oldman

Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #25 on: November 21, 2009, 05:46:50 AM »
Hi

Are you using notepad? The message would seem to be consistent with using wordpad.

domdom63

  • Guest
Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #26 on: November 21, 2009, 06:17:37 AM »
yes, i used notepad.exe

domdom63

  • Guest
Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #27 on: November 21, 2009, 09:47:27 AM »
Oh, never mind Mr. Oldman,
I redid the text file and dragged it to combofix's icon and it works. And here is the log.txt file for you.

Thank you

domdom63

  • Guest
Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #28 on: November 21, 2009, 07:46:56 PM »
Oh no,

My computer has crashed. It keeps rebooting. I have to put in the recovery disk to install Windows now. I'm using my laptop to reply to you :(

Offline oldman

Re: Virus Win32:Malware-Gen, How can i get rid of it?????
« Reply #29 on: November 22, 2009, 06:43:59 AM »
Hi,

What were you doing when it crashed?